Before the telescope, planets and stars were just dots of light to the human eye.
Before the invention of X-rays and the MRI, doctors often could not determine the cause of a problem until a person was in an autopsy room.
Today, there is no reason to remain blind to DDOS and hacking intrusions.
This morning I got a text message from our training engineer at a customer site.
“Just stopped a Chinese DDOS attack at the #### school”
Our training engineer was not even doing a security audit; he was simply walking through the features of our product. He had scrolled over to our DDOS monitoring tool, and right away this attack popped out. It was as clear as a large cancerous tumor in an MRI. He noticed an outside entity was bombarding the customer link with all kinds of queries.
The attacker stood out because our DDOS tool singles out uninvited queries and gives you a count of how often they are hitting your enterprise.
Our engineer then checked the source of the incoming IP, which removed any lingering doubt that this was a hostile attack. The requests were originating in China.
It turned out this was not technically a DDOS attack. The attacker happened to be hitting port 22, probing for login vulnerabilities on all the servers inside the school. It was obviously a bot, judging from the frequency of the incoming requests. Combining the frequency of hits with the fact that it was an uninvited outside IP address, it stood out like a sore thumb in our DDOS monitor (easily flagged).
The IT administrator at the school was then able to block the IP, averting any further shenanigans from this hacker.
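The two signals described above (an outside address nobody inside contacted first, plus a high hit count) can be combined as in the following added example, which is not the product's own code. The flow-record layout, the `INTERNAL` range, the thresholds, and the rule that "uninvited" means no internal host contacted that address first are all assumptions made for illustration.

```python
from collections import defaultdict
from ipaddress import ip_address, ip_network

INTERNAL = ip_network("10.20.0.0/16")   # assumed internal address range

# Constructed sample flow records: (epoch seconds, source IP, destination IP, destination port)
FLOWS = [
    (1000, "10.20.1.15", "198.51.100.7", 443),    # internal host browses out
    (1001, "198.51.100.7", "10.20.1.15", 51544),  # reply from an invited peer
    (1002, "192.0.2.10", "10.20.3.2", 25),        # a single uninvited mail delivery
] + [
    # one outside address walking port 22 across 30 internal servers
    (1003 + i, "203.0.113.50", f"10.20.5.{i + 1}", 22) for i in range(30)
]

def uninvited_sources(flows, min_hits=20, window=60):
    """Return {external_ip: summary} for uninvited sources whose inbound
    flows reach min_hits within any `window` seconds."""
    invited = set()            # external IPs that an internal host contacted first (assumed rule)
    hits = defaultdict(list)   # external IP -> [(ts, dst, dport), ...]
    for ts, src, dst, dport in sorted(flows):
        src_in = ip_address(src) in INTERNAL
        dst_in = ip_address(dst) in INTERNAL
        if src_in and not dst_in:
            invited.add(dst)   # outbound traffic marks the peer as invited
        elif dst_in and not src_in and src not in invited:
            hits[src].append((ts, dst, dport))
    flagged = {}
    for src, events in hits.items():
        times = [e[0] for e in events]
        start, peak = 0, 0     # sliding window over the sorted timestamps
        for end in range(len(times)):
            while times[end] - times[start] > window:
                start += 1
            peak = max(peak, end - start + 1)
        if peak >= min_hits:
            flagged[src] = {
                "hits": len(events),
                "peak_per_window": peak,
                "targets": len({e[1] for e in events}),
                "ports": sorted({e[2] for e in events}),
            }
    return flagged

if __name__ == "__main__":
    for ip, info in uninvited_sources(FLOWS).items():
        print(ip, info)
```

A single source hitting one port on many distinct internal targets is the pattern from the story; the invited peer and the one-off mail delivery stay below the threshold and are not reported.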
If a person showed up at your front door wearing a ski mask with an AK-47, you would likely not let them in, right? The point is, it should not be expensive or impractical for the average layman to spot a security risk on a network. You just need a tool that exposes them; they are very obvious to a simple tool like our DDOS monitor.
I know that sounds a bit extreme, but a typical attacker will be that obvious to your DDOS security tool, if you have one in place, and can easily be flagged.
Here is another detailed article on stopping DDOS attacks.